Talking the alleged Apple iCloud hack on 1395 FIVEaa

FIVEaa logoThe third and final of today’s radio spots about the alleged hack of Apple’s iCloud service was at lunchtime, so I’d had time to wake up and gather my thoughts — as well as see how the infosec community was reacting.

The afternoon presenter on 1395 FIVEaa in Adelaide, Will Goodings, gave it plenty of time too, some 14 minutes, so we covered quite a few issues — including the privacy implications of cloud technology generally.

I sound a bit tired or something, though. Possibly because I was tired.

Play

The audio is ©2014 dmgRadio Australia.

Today’s previous two radio spots were for Nova 100 Melbourne and ABC Radio’s AM.

Talking the alleged Apple iCloud hack on ABC Radio AM

ABC logoA few minutes after doing the live spot on Nova 100, I recorded an interview on the alleged Apple iCloud hack for ABC Radio’s national current affairs program AM.

Reporter Emily Bourke would have gone away with a disjointed mess of soundbites, but the disjointedness isn’t so important when it’ll be edited into a multi-voice report.

I think this one quote best summarises my view of the compromise we enter into when using cloud services:

The big problem with creating massive online cloud storage systems — which is now the way we do things on the internet, whether it’s Apple or Microsoft or Google or Amazon or whoever — is that you create a vast honey pot of a target for the attackers.

Once you find one way to get in, you can potentially get access to hundreds of thousands, if not millions of people’s data.

The plus side is such concentrated services means they can hire some of the best security people they can find, putting brains onto the problem is obviously important. So at one level the cloud providers can, if they do it right, protect things far better than you or I could on computer systems under our own control.

The failures are therefore going to be far less frequent. It’s just that when the failures do happen they can be catastrophic.

Here’s the full story, served directly from the ABC website, where you can also read the transcript.

Play

The audio is of course ©2014 Australian Broadcasting Corporation.

A few sentences of my comments were also used in a later report on The World Today at lunchtime, which featured security researcher Troy Hunt.

Talking the alleged Apple iCloud hack on Nova 100

Nova logoIt’s starting to look like an alleged hack of Apple’s iCloud service was the source of a series of nude photos of female celebrities that has appeared online. That news led to a series of radio appearances for me today. Starting with this one.

The story itself has already been widely reported, and I won’t go into any detail about the victims of this invasion of privacy. One good place to start is this summary at The Guardian, and there’s more technical details at TUAW. These blog posts will simply present the media spots that I did.

First up was Nova 100 in Melbourne. This was done live with breakfast presenters Meshel and Tommy at 0720, and my coffee hadn’t kicked in yet. That’s why I screwed up my first, embarrassingly-wrong go at the explanation — at least that’s my excuse and I’m sticking to it.

Play

It seems Meshel was quite taken with my name. That’s so sweet.

The audio is ©2014 dmgRadio Australia.

Keynoting the Saasu Cloud Conference 2012 with security

On 11 May I’ll be delivering one of the keynote presentations at Saasu’s inaugural conference, the Saasu Cloud Conference 2012 in Sydney.

The cloud is the enabler, it’s the medium that automation grows in. We want to focus on the value of online accounting automation, why it’s often undervalued and how you can get some for your own business or practice.

Saasu makes the online accounting system that I’ve been using since July 2007, and I know the chief executive officer and founder Marc Lehmann and chief happiness officer Tony Hollingsworth.

Good leadership and a good attitude continues to deliver a good product. Well, I think so anyway. At least it works for me.

My keynote will be something about security and the cloud, obviously enough, but I’ll lock down the details before the end of this week.

Mind you, I wrote the ZDNet Australia feature Cloud security? Better get a lawyer, Son! in October 2010, and since then I’ve written Cloud could be ‘privacy enhancing’: Pilgrim and Hybrid clouds the eventual reality for risk management and Today’s cloud winners: the cybercriminals and Want government cloud? Rethink security! so I’ve got plenty of material to start with.

Saasu has kept the price down to a reasonable $99 for a full-day event. You can register online.

[Update 11 May 2012: I’ve just posted notes and background material for my presentation, Security and the Cloud: Hype versus Reality.]